Alias /docs/ /usr/share/doc/pdc/docs/build/html/
Alias /saml2protected /usr/share/ipsilon/ui/saml2sp

WSGIDaemonProcess pdc user=apache group=apache maximum-requests=1000 display-name=pdc processes={{ wsgi_procs }} threads={{ wsgi_threads }}
WSGISocketPrefix run/wsgi
WSGIRestrictStdout On
WSGIRestrictSignal Off
WSGIPythonOptimize 1

WSGIScriptAlias /  /usr/lib/python2.7/site-packages/pdc/wsgi.py


<VirtualHost *:80>
    {% if env == 'staging' %}
    ServerName https://pdc.stg.fedoraproject.org
    {% else %}
    ServerName https://pdc.fedoraproject.org
    {% endif %}

    UseCanonicalName on

    RewriteEngine on

    # An entry for django admin
    RewriteCond "/usr/lib/python2.7/site-packages/django/contrib/admin/static/$1" -f
    RewriteRule "^/static/(.*)" "/usr/lib/python2.7/site-packages/django/contrib/admin/static/$1" [L]

    # First try to find the files in pdc
    RewriteCond "/usr/lib/python2.7/site-packages/pdc/static/$1" -f
    RewriteRule "^/static/(.*)" "/usr/lib/python2.7/site-packages/pdc/static/$1" [L]
    # Try to find them in the patternfly files
    RewriteRule "^/static/(.*)" "/usr/share/patternfly1/resources/$1" [L]

    <Location "/">
        SetHandler wsgi-script

        LimitRequestBody 256000000
        AddOutputFilterByType DEFLATE text/html text/plain text/xml text/javascript application/x-javascript text/css
        Require all granted
        MellonEnable "info"
        MellonSPPrivateKeyFile "/etc/httpd/saml2/certificate.key"
        MellonSPCertFile "/etc/httpd/saml2/certificate.pem"
        MellonSPMetadataFile "/etc/httpd/saml2/metadata.xml"
        MellonIdPMetadataFile "/etc/httpd/saml2/idp-metadata.xml"
        MellonEndpointPath /saml2
        MellonVariable "saml-sesion-cookie"

        MellonUser "NAME_ID"
        MellonIdP "IDP"
        MellonSessionLength 3600
        # MellonNoCookieErrorPage "https://idp.example.com/no-cookie-error.html"
        # MellonPostDirectory "/var/lib/ipsilon/post_cache"
        # MellonPostReplay On
    </Location>

    <Location /auth/saml2login>
        WSGIProcessGroup pdc
        MellonEnable "auth"
        Header append Cache-Control "no-cache"
    </Location>


    WSGIPassAuthorization On
    <Location /rest_api/v1/auth/token>
        WSGIProcessGroup pdc
    </Location>

    <Location "/static">
        SetHandler None

        # Disable auth on the static content, so that we're aren't forced to
        # use Kerberos.  Doing so would remove "Expires" headers from the static
        # content, which would lead to poor page-load times.
        AuthType none
        Satisfy Any
        Require all granted

        # Many file types are likely to benefit from compression
        # Enable gzip compression on them:
        AddOutputFilterByType DEFLATE text/html text/plain text/xml text/javascript application/x-javascript text/css

        # Set far-future Expires headers on static content
        # (trac 184):
        ExpiresActive On
        ExpiresDefault "access plus 10 years"
    </Location>

    <Location "/docs">
        SetHandler None

        # Disable auth on the static content, so that we're aren't forced to
        # use Kerberos.  Doing so would remove "Expires" headers from the static
        # content, which would lead to poor page-load times.
        AuthType none
        Satisfy Any
        Require all granted

        # Many file types are likely to benefit from compression
        # Enable gzip compression on them:
        AddOutputFilterByType DEFLATE text/html text/plain text/xml text/javascript application/x-javascript text/css

        # Set far-future Expires headers on static content
        # (trac 184):
        ExpiresActive On
        ExpiresDefault "access plus 2 weeks"
    </Location>
</VirtualHost>
